Phishing

Phishing is a cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The goal is to trick the recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment. What distinguishes phishing is the form the message takes: the attackers masquerade as a trusted entity of some kind, often a real or plausibly real person, or a company the target might do business with. It's one of the oldest types of cyberattacks, dating back to the 1990s, and it's still one of the most widespread and damaging. Key signs of a phishing email include a sense of urgency ('your account will be closed!'), generic greetings ('Dear Valued Customer'), poor grammar or spelling, mismatched URLs (hovering over a link reveals a different web address), and unexpected attachments. Spear phishing is a more targeted version where attackers research their target and create a personalized message. To avoid phishing, you should always be skeptical of unsolicited emails, verify the sender's address, avoid clicking suspicious links, and enable multi-factor authentication on your accounts.